Ukrainian national charged for his role in ‘Raccoon Infostealer’ malware scheme

US prosecutors charged a Ukrainian national Mark Sokolovsky for his involvement in a scheme that infected millions of computers around the world with malware.

Sokolovsky, 26, is currently awaiting extradition to the United States in the Netherlands. According to the Department of Justice, he conspired to operate the Raccoon Infostealer as a malware-as-a-service or “MaaS.”

Sokolovsky allegedly rented the Raccoon Infostealer program to threat actors, who then used it to steal the data of over two million people. Cybercriminals opted for phishing techniques to convince their victims to deploy ransomware on their devices.

The information included over four million emails, as well as passwords and financial details. Overall, law enforcement has identified 50 million unique credentials and forms of identification from the stolen data.

Charges against Sokolovsky add up to a maximum of 20 years in prison and include the wire fraud and money laundering offenses, the conspiracy to commit computer fraud charge, and the aggravated identity theft offense.

“As reflected in the number of potential victims and global breadth of this attack, cyber threats do not respect borders, which makes international cooperation all the more critical. I urge anyone who thinks they could be a victim to follow the FBI’s guidance on how to report your potential exposure,” Deputy Attorney General Lisa O. Monaco commented.

Along with Sokolovsky’s arrest in March 2022, the FBI and law enforcement partners in Italy and the Netherlands took the then-existing version of Racoon Infostealer offline.

“This case also serves as a reminder to public and private sector organizations of the importance to report internet crime and cyber threats to law enforcement as soon as possible. Working together is the only way we’re going to stay ahead of rapidly changing cyber threats,” FBI Special Agent in Charge Oliver E. Rich Jr highlighted.